a chronicle of my coding discoveries

Understanding the Oct 21 Cyber Attack

On the Friday of the attack on Dyn that caused mass website outages, I unknowingly clicked on a link from an author’s website to her Twitter account. This lady needs to update her link, I grumbled to myself when it didn’t work. Then, I tried going straight to Twitter to search for her name. Huh, I thought, when the page wouldn’t load. A few hours later, I read an article about the Dyn cyberattack.

Obviously, it’s horrifying for a number of reasons that this kind of attack, with such widespread effects, can occur. But for me, there was a layer of excitement when I read about it, because I had just learned about how our computers access websites on the internet a few days earlier.

Basically, here’s what’s supposed to happen when you type a website address into your browser.

A request is sent through the Internet Service Provider (ISP).

The request lands at a Domain Name Server (DNS). The server is an actual piece of hardware that helps locate the numerical Internet Protocol (IP) address of the website.

When the website is located using the IP address, packets of data are sent back to your computer, and the website loads.

To take Twitter, Reddit, and The New York Times, etc, down on Oct 21st, hackers didn’t attack the individual sites. They attacked the company (Dyn) whose servers connect us with those sites. Dyn was inundated with requests from devices that had been infected with malware, meaning that clients with legitimate requests couldn’t get through. This is called a Distributed Denial-of-Service (DDoS) attack.

More knowledgeable people out there: if I got any parts of this wrong, please inform me. (Like I said, I just learned this myself a few weeks ago, so there’s potential for error). Understanding the gist, however, has certainly helped me grasp the severity and implications of this kind of attack. I’m curious to see how the balance of security and the growing availability and dependence on internet-connected devices will play out in the future.

Post navigation

One thought on “Understanding the Oct 21 Cyber Attack”

calling it a “balance” is very kind. its more like a world where candy stores (and candy) are so ubiquitious that a penny will buy half the store, and in that economy no amount of parenting can stop cavities and sick bellies.

compare that cheerful metaphor (based on the overabundance of internet-capable devices with incapable security models, aka “the internet of things/or better: the internet of crap”) with the word “cyber attack” which is supposed to conjure up images of some digital 9/11 (or a real 9/11 that starts with the old scary entities hacking our power grid.)

i cant wait until we have to do the digital equivalent of taking off our shoes and sticking them on a conveyor every time we want to visit a website.

but for now, we are doing the opposite– instead of taking reasonable safety precautions, we are doing things that are absolutely and utterly stupid. like attaching pointless internet connections to *everything.* its demonstrably a nightmare, it makes thermostates/appliances/doors/cameras/even safes (as in the ones you put valuables in) hackable without much good reason… consumers just lap it all up. but people care more about the right to make terrible choices than they care about even having good, safe options. there are so few, no one cares (pass the pixie sticks.)